<?php
/**
 * Created by PhpStorm.
 * User: Administrator
 * Date: 2017/4/12
 * Time: 17:57
 */

namespace Tools;

use Org\Util\Rbac;
use Think\Controller;

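/**
 * Base controller that gates every action behind a role-based permission check.
 *
 * On construction it resolves the caller's role from the `username` cookie,
 * loads the controller/method pairs granted to that role, and stops the
 * request unless "<CONTROLLER_NAME>-<ACTION_NAME>" is granted, is listed in
 * __DEFAULT_PERMISSION__, or the role id is 1.
 *
 * NOTE(review): the caller's identity is taken from the `username` cookie alone.
 * A cookie is client-supplied, so it identifies the account without proving it;
 * the account name should be read from server-side session state established at
 * login, or the cookie should carry a server-verifiable signature. That change
 * also touches the login code, which is not visible here.
 */
class AuthController extends Controller
{
    /**
     * Runs the authentication and authorization gate before any action executes.
     *
     * Redirects to Index/login when no usable account can be resolved, and
     * ends the request with a 403 when the role lacks the permission.
     */
    public function __construct()
    {
        parent::__construct();

        // Only a non-empty plain string is accepted: cookie() may hand back a
        // decoded non-string value, and an array placed in an array-form
        // condition would be read as an operator expression, not a literal.
        $username = cookie('username');
        if (empty($username) || !is_string($username)) {
            $this->redirect('Index/login', array(), 0);
            // redirect() is expected to end the request; exit keeps this fail-closed if it does not.
            exit();
        }

        // Array-form conditions let the model escape/bind the value instead of
        // splicing the cookie text into the SQL string.
        $account = D('ssg_account')
            ->where(array('account' => $username))
            ->field('roleId')
            ->find();

        // An unknown account is treated as unauthenticated rather than being
        // evaluated with an empty role id.
        if (empty($account) || !isset($account['roleId'])) {
            $this->redirect('Index/login', array(), 0);
            exit();
        }
        $roleId = $account['roleId'];

        // Permission key of the action about to run.
        $now_auth = CONTROLLER_NAME . '-' . ACTION_NAME;

        $grant = D('ssg_role_modules_operate')
            ->where(array('roleId' => $roleId))
            ->find();

        // role_auth_id holds a comma-separated list of module ids.
        $moduleIds = $this->authSplitIds(isset($grant['role_auth_id']) ? $grant['role_auth_id'] : '');

        // Resolve all granted modules in one query instead of one query per id.
        $allowed = array();
        if (!empty($moduleIds)) {
            $rows = D('ssg_modules')
                ->where(array('id' => array('in', $moduleIds)))
                ->field('controller,method')
                ->select();
            if (is_array($rows)) {
                foreach ($rows as $row) {
                    if (isset($row['controller'], $row['method'])
                        && $row['controller'] !== ''
                        && $row['method'] !== ''
                    ) {
                        $allowed[] = $row['controller'] . '-' . $row['method'];
                    }
                }
            }
        }

        // Role id 1 bypasses the permission table.
        $isSuperRole = ((string) $roleId === '1');

        // Whole-entry comparison: a substring test would let "User-add" pass
        // when only "User-addAdmin" had been granted.
        $granted = in_array($now_auth, $allowed, true)
            || $this->authListContains(__DEFAULT_PERMISSION__, $now_auth);

        if (!$isSuperRole && !$granted) {
            if (!headers_sent()) {
                // Report the refusal as 403 so clients and logs do not see a 200.
                http_response_code(403);
            }
            dump("权限不够,不能访问此页面");
            exit();
        }
    }

    /**
     * Splits a comma-separated id string into a list of trimmed, non-empty ids.
     *
     * @param mixed $csv Raw column value; non-string input yields an empty list.
     * @return array
     */
    private function authSplitIds($csv)
    {
        if (!is_string($csv) && !is_numeric($csv)) {
            return array();
        }

        $ids = array();
        foreach (explode(',', (string) $csv) as $piece) {
            $piece = trim($piece);
            if ($piece !== '') {
                $ids[] = $piece;
            }
        }

        return $ids;
    }

    /**
     * Tells whether $entry occurs in $list as a whole entry.
     *
     * The separator used by __DEFAULT_PERMISSION__ is not visible from this
     * file, so the match is boundary-based: the entry must not be preceded or
     * followed by a letter, digit, underscore or dash.
     *
     * @param mixed  $list  Delimited permission list.
     * @param string $entry Permission key to look for.
     * @return bool
     */
    private function authListContains($list, $entry)
    {
        $pattern = '/(?<![A-Za-z0-9_-])' . preg_quote($entry, '/') . '(?![A-Za-z0-9_-])/';

        return preg_match($pattern, (string) $list) === 1;
    }
}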